A continuing OCSP journey.....

Hi Everyone,
Working full time my path down OSCP has been long and slow lol. I started about 11 months ago and now have 21 host fully rooted. Although I am definitely no guru, I am happy to share any knowledge that may help people.
I look forward to getting to know you all better.
Cheers
Working full time my path down OSCP has been long and slow lol. I started about 11 months ago and now have 21 host fully rooted. Although I am definitely no guru, I am happy to share any knowledge that may help people.
I look forward to getting to know you all better.
Cheers

Comments
Welcome to TE!
I am planning to do OSCP certification. I would like to know what are the basics I need to brush up before starting the labs. My background is I am a Automation Test Analyst have Masters in Security Technologies, so I have little bit idea about security and programming.
Any pointers will be helpful.
Cheers
Thanks for the welcome. I am currently working as a systems administrator at a hospital. I decided I wanted to specialize and chose OSCP on the basis it was a hands on the course and the certification was highly regarded in the industry.The challenge for me doing this course was it was completely new for someone who is completely self taught Fortunately I have made friends who are doing the same course. One has given me numerous URL's to use and well as recommending vulnhub for extra practice
My Main Study books would be RTFM, Web Application Hackers Handbook, Hackers Playbook2
The 21 Hosts hosts I have rooted so far are ALICE,RALPH,PAYDAY,BOB,BOB2,JD,DJ,ORACLE,DOTTY,JEFF,BARRY,MIKE, TOPHAT,KRACKEN,SUSIE,HELPDESK,SEAN,MAIL,TIMECLOCK,KEVIN,.234
Some machines have been real tricky which makes owning then all the bigger buzz
Firstly good on you for planning to to do OSCP. I would recommend having a play around vulnhub. I didn't know about it until I started the course . I great prep tool I would say
Read as many reviews as yo can. It gave me an idea of what to expect. Knowing a bit of programing is a help and also a good understanding of linux. All these thing I have had to learn on the way.
The course is very rewarding however
Congrats on your challenge and good luck. I hope to do this by next year. Care to share these URLs?
In Progress: Linux+/LPIC-1, Python, Bash
Upcoming: eJPT, C|EH, CSA+, CCNA-Sec, PA-ACE
Penetration Testing Methodology - 0DAYsecurity.com
Creating Metasploit Payloads
Reverse Shell **** Sheet | pentestmonkey
https://blog.g0tmi1k.com/2011/08/basic-linux-privilege-escalation/
Converting Metasploit Module to Stand Alone
FuzzySecurity | Windows Privilege Escalation Fundamentals
Converting Metasploit Module to Stand Alone
http://www.gironsec.com/WebHacking101.pdf
MSSQL Injection **** Sheet | pentestmonkey
Creating Metasploit Payloads
These are probably my most widely used. Hope they help in some way for you
In Progress: Linux+/LPIC-1, Python, Bash
Upcoming: eJPT, C|EH, CSA+, CCNA-Sec, PA-ACE
Definitely going to check all of these links out.
You're welcome [email protected] When are you looking at doing yours? Happy to give nudges where I can
In Progress: Linux+/LPIC-1, Python, Bash
Upcoming: eJPT, C|EH, CSA+, CCNA-Sec, PA-ACE
Connect with me on LinkedIn https://www.linkedin.com/in/myerscraig
Im also doing the same as far as Linux Plus goes.
But i decided against the CEH.
Its really expensive for what you get.
Ive heard the ejpt would be better spent because of its practicality and direct preparation for the OSCP.
But what it boils down to is cost. For about 300 more US bucks, you can get 30 days for the OSCP, which I felt was much more valuable.
If it was cheaper, by about 300 bucks...being an HR filter as it is, id consider the CEH.
I completely understand. I need all the HR filter buffs I can get, I don't have a B.S. or even an A.S. I have a lot of experience in IT, most of it along the lower wrungs though, Helpdesk, NOC, Tech Support type stuff. I had some network hands-on experience with the NOC but not enough to justify calling myself an engineer. With more labbing and certifications, I'm hoping to lay groundwork for the certs and with enough I should be able to breeze through a B.S. at WGU in a year or two. I think a CEH, OSCP & CISSP in 2 years is doable and will get me more money in the short-term to make the B.S. attainable within that time as well.
In Progress: Linux+/LPIC-1, Python, Bash
Upcoming: eJPT, C|EH, CSA+, CCNA-Sec, PA-ACE
Id look into it after getting the OSCP and quite possibly the OSWA.
Cuz web apps and securing them with pen testing is also becoming huge.
I also don't want to burn myself out.